Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Security Training
- Thread starter usmcjohn
- Start date
try the global knowledge website, they are the best in the voice world.. that is the old nortel traning division.. 90 percent of fraud is mail related.. if i dial into all the numbers in your did range, get voice mail press * and try the dn backwards and 1111 then hang up, i will be inside of a mailbox before very long.. if i change the revert dn to 9, diak back in to the did, press 0 for revert, i will get dialtone... you will get the bill... bad thing is i can dial in until all your vm ports are busy and change the revert back to 0 long before daylight.. as long as i only try 2 passwords per day, very little chance of anyone alerting you until you get the bill... i've seen that to the tune of 6 figures.. the next most common is cfxa in class but that is usually petty and internal.. i know that you asked for a class and if you find one, post a faq with some pointers... if you set cdb opt to cfo and make all your inbound trunks the same ncos that allows only local.. both of those are blocked.. then if you use auth codes make them 8 or more digits, don't program spares... don't use a pattern.. and turn on auth code alarms to the screen.. with just those changes, 90plus percent of the voice hackers may attempt your site, but few will waste time on it. i could still hack it after a visit of call to a user that i never met.. but why bother when most sites are wide open.. as a nearby site they set the default password to the ext backwards and never force a change..
john poole
bellsouth business
columbia,sc
john poole
bellsouth business
columbia,sc
The training is system specific - or of little value
One or the other.
I have some Nortel info here:
Vendors shy away from security after a point because they become liable for a system they simply cannot control after they walk out the door.
All penetrations other than inside abuse, calling card theft and DISA with a leaked security code are done by calling into your PBX and reaching something that is capable of transferring the call back outside. The "something" is an unknowing end user or more often a voice mail/processing system. There are a variety of ways I have to block even those users from being tricked. I met with Nortel’s first Security Specialist years ago and poof, many of my procedures look just like Nortel’s now…or Nortel’s look like mine?...yes.
~
One or the other.
I have some Nortel info here:
Vendors shy away from security after a point because they become liable for a system they simply cannot control after they walk out the door.
All penetrations other than inside abuse, calling card theft and DISA with a leaked security code are done by calling into your PBX and reaching something that is capable of transferring the call back outside. The "something" is an unknowing end user or more often a voice mail/processing system. There are a variety of ways I have to block even those users from being tricked. I met with Nortel’s first Security Specialist years ago and poof, many of my procedures look just like Nortel’s now…or Nortel’s look like mine?...yes.
~
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question